diff options
-rw-r--r-- | dan/host_vars/ele-jitsi.yml | 40 | ||||
-rw-r--r-- | inventory/host_vars/ele-jitsi.yml | 4 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/defaults/main.yml | 5 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/tasks/main.yml | 80 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/templates/pod-spec.yml.j2 | 27 |
5 files changed, 126 insertions, 30 deletions
diff --git a/dan/host_vars/ele-jitsi.yml b/dan/host_vars/ele-jitsi.yml index 3ef1aa07..a97ec42a 100644 --- a/dan/host_vars/ele-jitsi.yml +++ b/dan/host_vars/ele-jitsi.yml @@ -1,20 +1,22 @@ $ANSIBLE_VAULT;1.2;AES256;dan -37376463653363343963386430623631633766653236303632303262363339666536346538613938 -3739343265623563333764383665653930323961346437630a356335306364306331353736613036 -62643965613432333332623235646365396431323265303862393836303531623039353233623433 -3736303336383538620a656338336565343661633563346637373037333435653062303262643236 -33323433323931656162336237396535363863316165336462643833303335656238306237383338 -37323062653334393565306661663033653531666562623130326537666536333339663932363066 -31633530343439373336366161333965393531393634663666333865353563343037343933626263 -34313935333839326439343837653531356664373566373038333432363163386262653636396537 -32323162346664663435626463333761373166386639313663626338316662626166666131633632 -31366231336339366363636639363233366162666330646234306134316262666363656136646463 -65393561336234376433313937363030366435366434663830326438656262636465363762663036 -38646230636564383364346238393765386565313430353037356134643330353138383262373733 -61626365353931383064343938353238316263313834366337623836343132313535643135396635 -33636165386530623839333834313338613536363466333261343161383737306437366561383238 -37666662663231316338623331613961353663343639623138363830623731306530633937346163 -37323834376631396636373831396539386233623464653039613737316561646332306365663662 -66393737333561376431393831316331653236386639366531613736386364616130323435353532 -37656461386463323465653737373038616537353435653665656137333764393865343630346335 -623437643137663136616261383763313264 +65396235316532653335326234663533333566343234613963356665343735353438326336306661 +3232376265623734393135363137343565646366383766650a373063663439313266633066656361 +32646335633534643536316631353764393061366363353162613533643338393461633166346133 +3962313836326438340a343531356237396536346437383934393838353232303632303735353230 +33363361323833626366613666636262336363306664363861613434626163303862366234373739 +30333065316264396532306666353863653533313139663766393934346337656133393362343565 +33616637633832653639346431373634373830623266326339326364313136316639363335626361 +39633131653762316266326538616239663833303664333131363665366638313736343165616439 +64383336353032366331333233623939626463656261393834653563373464366165323664396463 +66376431633965643261656231346666613163306639636431616139616466643137313931613833 +66323862646362616433393862633634656330313766396564396461646530363062616333616231 +38643036663961316139376635613039306362303635306265376435633662353066393633643435 +37386136666130363363396438386166363161393832646439323137616236303861643231353433 +39386134626533383964623731383938636632616435663335346561303061633535313266313336 +62303637616631653663386236396664363164303032333133313330303164346464666135623065 +61313131616335663531343364306462633732633766333838666333646133653965393033636663 +39613462653262343461616233323939623432386136643633623162633462376630656265373032 +65626266356562393237303338646461393030386464393835613566356334393663323462303237 +61666331653838363233626165636230646361393662666337323932643032343434386139363664 +63356235646230343265613163353534316264303237373830393832333937616535313233666639 +34353034636562633532616231633463633132376463646631363939323830616133 diff --git a/inventory/host_vars/ele-jitsi.yml b/inventory/host_vars/ele-jitsi.yml index c3251ac0..80032c54 100644 --- a/inventory/host_vars/ele-jitsi.yml +++ b/inventory/host_vars/ele-jitsi.yml @@ -46,3 +46,7 @@ jitsi_meet_auth: enable_guests: yes users: operator: "{{ vault_jitsi_meet_auth_user_passwords['operator'] }}" + +jitsi_meet_streamui: + http_port: "{{ jitsi_meet_http_port + 1 }}" + image_tag: latest diff --git a/roles/apps/jitsi/meet/defaults/main.yml b/roles/apps/jitsi/meet/defaults/main.yml index 9f249f0e..2580fe15 100644 --- a/roles/apps/jitsi/meet/defaults/main.yml +++ b/roles/apps/jitsi/meet/defaults/main.yml @@ -17,8 +17,13 @@ jitsi_meet_timezone: Europe/Vienna # jicofo_component_secret: "" ### only needed for versions older than stable-5765-1 # jicofo_auth_password: "" # jvb_auth_password: "" +# streamuidisplay_auth_password: "" ### only needed if streamui is enabled # jitsi_meet_auth: # enable_guests: true # users: # foo: secret + +# jitsi_meet_streamui: +# http_port: "{{ jitsi_meet_http_port + 1 }}" +# image_tag: latest diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml index b433a900..e83c789e 100644 --- a/roles/apps/jitsi/meet/tasks/main.yml +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -9,7 +9,37 @@ path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/{{ item }}" state: directory -- name: generate prosody cont-init.d script +- name: generate stream-ui specific cont-init scripts + when: jitsi_meet_streamui is defined + block: + - name: generate stream-ui specific cont-init scripts for prosody + copy: + content: | + #!/usr/bin/with-contenv bash + cat << EOF > /config/conf.d/stream-ui.cfg.lua + VirtualHost "stream-ui.meet.jitsi" + modules_enabled = { + "ping"; + } + authentication = "internal_hashed" + EOF + prosodyctl --config "/config/prosody.cfg.lua" register display stream-ui.meet.jitsi "{{ jitsi_meet_secrets.streamuidisplay_auth_password }}" + dest: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/streamui.sh" + mode: 0750 + + - name: generate stream-ui specific cont-init scripts for web + copy: + content: | + #!/usr/bin/with-contenv bash + cat << EOF >> /config/config.js + + // Hide Stream-UI Displays + config.hiddenDomain = 'stream-ui.meet.jitsi'; + EOF + dest: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/web/streamui.sh" + mode: 0755 + +- name: generate generic prosody cont-init script copy: content: | #!/usr/bin/with-contenv bash @@ -25,20 +55,52 @@ dest: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" mode: 0750 + +- name: configure base pod config hash items + set_fact: + kubernetes_standalone_pod_config_hash_items_base: + - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" + properties: + - checksum + kubernetes_standalone_pod_config_hash_items_streamui: [] + +- name: configure stream-ui pod config hash items + when: jitsi_meet_streamui is defined + set_fact: + kubernetes_standalone_pod_config_hash_items_streamui: + - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/streamui.sh" + properties: + - checksum + - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/streamui.sh" + properties: + - checksum + - name: install pod manifest vars: kubernetes_standalone_pod: name: "jitsi-meet-{{ jitsi_meet_inst_name }}" spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" mode: "0600" - config_hash_items: - - path: "{{ jitsi_meet_base_path }}/{{ jitsi_meet_inst_name }}/scripts/prosody/cont-init.sh" - properties: - - checksum + config_hash_items: "{{ kubernetes_standalone_pod_config_hash_items_base + kubernetes_standalone_pod_config_hash_items_streamui }}" include_role: name: kubernetes/standalone/pod -## TODO: https://github.com/jitsi/jitsi-meet/blob/master/doc/turn.md + +- name: configure base http proxy locations + set_fact: + nginx_vhost_locations_base: + '/': + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_http_port }}" + extra_directives: |- + client_max_body_size 0; + nginx_vhost_locations_streamui: {} + +- name: configure stream-ui http proxy locations + when: jitsi_meet_streamui is defined + set_fact: + nginx_vhost_locations_streamui: + '/stream-ui/': + proxy_pass: "http://127.0.0.1:{{ jitsi_meet_streamui.http_port }}/" - name: configure nginx vhost vars: @@ -48,10 +110,6 @@ acme: true hostnames: - "{{ jitsi_meet_hostname }}" - locations: - '/': - proxy_pass: "http://127.0.0.1:{{ jitsi_meet_http_port }}" - extra_directives: |- - client_max_body_size 0; + locations: "{{ nginx_vhost_locations_base | combine(nginx_vhost_locations_streamui) }}" include_role: name: nginx/vhost diff --git a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 index 0d6905a0..95f49982 100644 --- a/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 +++ b/roles/apps/jitsi/meet/templates/pod-spec.yml.j2 @@ -67,6 +67,12 @@ containers: subPath: prosody/cont-init.sh mountPath: /etc/cont-init.d/99-k8s readOnly: yes +{% if jitsi_meet_streamui is defined %} + - name: scripts + subPath: prosody/streamui.sh + mountPath: /etc/cont-init.d/90-streamui + readOnly: yes +{% endif %} - name: config subPath: prosody mountPath: /config @@ -128,6 +134,12 @@ containers: hostPort: {{ jitsi_meet_http_port }} hostIP: 127.0.0.1 volumeMounts: +{% if jitsi_meet_streamui is defined %} + - name: scripts + subPath: web/streamui.sh + mountPath: /etc/cont-init.d/90-streamui + readOnly: yes +{% endif %} - name: config subPath: web mountPath: /config @@ -210,6 +222,21 @@ containers: - name: TZ value: {{ jitsi_meet_timezone }} +{% if jitsi_meet_streamui is defined %} +- name: stream-ui + image: "get.more.failed.systems/public_projects/jitsi-stream-ui:{{ jitsi_meet_streamui.image_tag }}" + resources: + requests: + memory: "256Mi" + limits: + memory: "1Gi" + ports: + - protocol: TCP + containerPort: 3000 + hostPort: {{ jitsi_meet_streamui.http_port }} + hostIP: 127.0.0.1 + +{% endif %} volumes: - name: scripts hostPath: |